mirror of https://github.com/ConsenSys/mythril
blockchainethereumsmart-contractssoliditysecurityprogram-analysissecurity-analysissymbolic-execution
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
46 lines
2.6 KiB
46 lines
2.6 KiB
6 years ago
|
{
|
||
|
"success": true,
|
||
|
"error": null,
|
||
|
"issues": [
|
||
|
{
|
||
|
"title": "Dependence on predictable environment variable",
|
||
|
"description": "In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:\n- block.coinbase\n",
|
||
|
"function": "_function_0xe9874106",
|
||
|
"type": "Warning",
|
||
|
"address": 1285,
|
||
|
"debug": "<DEBUG-DATA>"
|
||
|
},
|
||
|
{
|
||
|
"title": "Ether send",
|
||
|
"description": "In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.\nThere is a check on storage index 0. This storage slot can be written to by calling the function `fallback`.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.",
|
||
|
"function": "_function_0xe9874106",
|
||
|
"type": "Warning",
|
||
|
"address": 1285,
|
||
|
"debug": "<DEBUG-DATA>"
|
||
|
},
|
||
|
{
|
||
|
"title": "Exception state",
|
||
|
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
|
||
|
"function": "fallback",
|
||
|
"type": "Informational",
|
||
|
"address": 356,
|
||
|
"debug": "<DEBUG-DATA>"
|
||
|
},
|
||
|
{
|
||
|
"title": "Exception state",
|
||
|
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
|
||
|
"function": "_function_0xe9874106",
|
||
|
"type": "Informational",
|
||
|
"address": 146,
|
||
|
"debug": "<DEBUG-DATA>"
|
||
|
},
|
||
|
{
|
||
|
"title": "Transaction order dependence",
|
||
|
"description": "A possible transaction order independence vulnerability exists in function _function_0xe9874106. The value or direction of the call statement is determined from a tainted storage location",
|
||
|
"function": "_function_0xe9874106",
|
||
|
"type": "Warning",
|
||
|
"address": 1285,
|
||
|
"debug": "<DEBUG-DATA>"
|
||
|
}
|
||
|
]
|
||
|
}
|